site-base.yml

# order matters!
---
- hosts: all
  user: root

  tasks:
    - group_by: key="{{ansible_distribution_release}}"
    #- sshknownhosts: host={{item}} state=present
    #  with_items: groups.all

- hosts: Carbon
  user: root

  roles:
    - etckeeper
    - common

- hosts: precise
  user: root

  roles:
    - etckeeper
    - common

  post_tasks:
    - copy: src=files/sudoers.d-root-ssh-agent dest=/etc/sudoers.d/root-ssh-agent mode=0640
    - template: src=templates/hosts dest=/etc/hosts mode=0644

    ## install ceph from upstream repos
    - name: Get ceph release key
      apt_key: id=17ED316D url=https://raw.github.com/ceph/ceph/master/keys/release.asc state=present

    # latest stable version of ceph
    - apt_repository: repo='deb http://eu.ceph.com/debian-emperor/ precise main' state=present
    - apt: name=ceph-fs-common state=latest cache_valid_time=3600

    - apt_repository: repo='ppa:fish-shell/release-2' state=present
    - apt: name=fish state=present

    - apt: name=linux-generic-lts-saucy state=latest

- hosts: precise:!mail:!dri_app-lb
  user: root

  roles:
    - common-sendmail

# setup monitoring with xymon
- hosts: monitoring
  user: root

  roles:
    - xymon-server

- hosts: all:!monitoring
  user: root

  roles:
    - xymon-client

# Mysql - this is needed before fedora-commons and the rails app is setup
# there can only be two hosts in this block
- hosts: mysql_replicated
  user: root

  roles:
    - mysql-replicated

# Redis K/V store for resque queues
- hosts: redis
  user: root

  roles:
    - redis

# Fedora-Commons - Preservation and archival repository
- hosts: fedora
  user: root

  vars:
    fedora_db_server: "{{ groups['dri_app-lb'][0] }}"

  # setup DB's on one of the data, its easier to delegate to the mysql master for now than to do it in its own block. will need change this if and when we move to fedora 4
  pre_tasks:
    - debug: msg="{{fedora_db_server}}"
    - mysql_db: db={{ fedora_db_name }} state=present
      delegate_to: "{{ groups.mysql_replicated[0] }}"
    - mysql_user: state=present name={{ fedora_db_user }} password={{ fedora_db_pass }} priv={{ fedora_db_name }}.*:ALL host={{ groups['dri_app-lb'][0] }}
      delegate_to: "{{ groups.mysql_replicated[0] }}"

  roles:
    - fedora

# zookeeper for solrloud - search engine
- hosts: zookeeper
  user: root

  roles:
    - zookeeper

# SOLR - search engine
- hosts: solrcloud
  user: root

  roles:
    - solrcloud

# SOLR - search engine
- hosts: solr
  user: root

  roles:
    - solr


# mod_passenger for the systems that will run the rails app or the resque queues
- hosts: passenger
  user: root

  pre_tasks:
    - group: name={{rvm_user}} gid=10000 state=present
    - name: Create {{ rvm_user }}
      user: name={{rvm_user}} state=present shell=/bin/bash generate_ssh_key=yes uid=10000
    

    - name: Make sure .ssh directory exists
      file: path=/home/{{rvm_user}}/.ssh state=directory owner={{ rvm_user }} group={{rvm_user}}

    - authorized_key: user={{rvm_user}} key="{{ lookup('file','~/.ssh/id_rsa.pub') }}"

  roles:
    - rvm-passenger
    - sufia-deps

# install before Shibboleth IDP
- hosts: ldap_replicated
  user: root

  roles:
    - ldap-replicated

#install SP before IDP
- hosts: dri_app;dri_app_worker
  user: root

  roles:
     - shibboleth-sp

- hosts: shibboleth_idp
  user: root

  roles:
    - shibboleth-idp

- hosts: mail
  user: root

  roles:
    - mail-server


# Build/Test infrastructure
- hosts: buildbot-master
  user: root

  roles:
    - buildbot-master

- hosts: buildbot-slave
  user: root

  roles:
    - buildbot-slave
    - sufia-deps

  tasks:
    - template: src=templates/hosts.buildbot dest=/home/{{rvm_user}}/hosts.buildbot owner={{rvm_user}} group={{rvm_user}} mode=0600